Central Banking

Basel Committee Working Paper

    • Central Banking staff
  • LinkedIn  
  • Save this article
  • Print this page  
RESEARCH - Basel Committee on Banking Supervision. Working Paper on the regulatory treatment of operational risk. Bank for International Settlements, September 2001.Working Paper on the Regulatory Treatment of Operational Risk.AbstractThe purpose of this paper prepared by the Risk Management Group of the Basel Committee is to further the Committee's dialogue with the industry on the development of a Pillar 1 capital charge for operational risk in the New Basel Capital Accord. Comments on the issues outlined in this paper would be welcome, and should be submitted to relevant national supervisory authorities and central banks and may also be sent to the Secretariat of the Basel Committee on Banking Supervision at the Bank for International Settlements, CH-4002 Basel, Switzerland, by 31 October 2001. Comments may be submitted via e-mail: BCBS.capital@bis.org1 or by fax: +41 61 280 9100. Comments on working papers will not be posted on the BIS website. Introduction, definitions and data issues Background and the rationale for an operational risk chargeIn recent years, supervisors and the banking industry have recognised the importance of operational risk in shaping the risk profiles of financial institutions. Developments such as the use of more highly automated technology, the growth of e-commerce, large-scale mergers and acquisitions that test the viability of newly integrated systems, the emergence of banks as very large-volume service providers, the increased prevalence of outsourcing and the greater use of financing techniques that reduce credit and market risk, but that create increased operational risk, all suggest that operational risk exposures may be substantial and growing. This recognition has led to an increased emphasis on the importance of sound operational risk management at financial institutions and to greater prominence of operational risk in banks' internal capital assessment and allocation processes. In fact, the banking industry is currently undergoing a surge of innovation and development in these areas. Reflecting these developments, the Basel Committee on Banking Supervision established the principle of developing a Pillar 1 minimum regulatory capital charge for other risk, including operational risk, in its 1999 Consultative Paper. Following the consultation process and its own analysis, the Committee decided that only operational risk should be subject to a capital charge under Pillar 1. Additional elements of 'other risk' - for instance, interest rate risk in the banking book and liquidity risk - will be dealt with solely through Pillars 2 and 3. This position was expressed in the January 2001 Consultative Package and forms the assumption underpinning the Risk Management Group's (RMG's) ongoing analysis. This paper contains an overview of the RMG's work to date on refining the proposals for a Pillar 1 regulatory minimum capital requirement for operational risk. It reflects the RMG's extensive contact with financial industry representatives, its review of the many thoughtful and constructive comments received on the January Consultative Package, and the RMG's own internal deliberations. This work has resulted in a number of significant changes to the January proposals. These changes include: Refinement of the definition of operational risk that underpins the regulatory capital calculations; Proposed reduction in the overall level of the operational risk capital charge; Introduction of a new regulatory capital approach that is based on banks' internal risk estimates (the "Advanced Measurement Approaches" [AMA]); and Consideration of the role of insurance as a risk mitigant in the regulatory capital calculations. These changes are described more fully in the sections that follow. The RMG intends to continue work to refine these proposals in light of industry comments and with the benefit of tranche 2 Quantitative Impact Study (QIS) data that it will review further over the course of the autumn. Definition of operational riskIn the January 2001 Consultative Package, operational risk was defined as: "the risk of direct or indirect loss resulting from inadequate or failed internal processes, people and systems or from external events". The January 2001 paper went on to clarify that this definition included legal risk, but that strategic and reputational risks were not included in this definition for the purpose of a minimum regulatory operational risk capital charge. This focus on operational risk has been generally welcomed, although concerns were expressed about the exact meaning of `direct and indirect loss'. As mentioned above, for the purposes of a Pillar 1 capital charge, strategic and reputational risks are not included, and neither is it the intention for the capital charge to cover all indirect losses or opportunity costs. As a result, reference to `direct and indirect' in the overall definition has been dropped. By directly defining the types of loss events that should be recorded in internal loss data, the RMG can give much clearer guidance on which losses are relevant for regulatory capital purposes. This leads to a slightly revised definition, as follows: "the risk of loss resulting from inadequate or failed internal processes, people and systems or from external events". The RMG confirms that this definition does not include systemic risk and the operational risk charge will be calibrated accordingly. It is important to note that this definition is based on the underlying causes of operational risk. It seeks to identify why a loss happened and at the broadest level includes the breakdown by four causes: people, processes, systems and external factors. This "causal-based" definition, and more detailed specifications of it, is particularly useful for the discipline of managing operational risk within institutions. However, for the purpose of operational risk loss quantification and the pooling of loss data across banks, it is necessary to rely on definitions that are readily measurable and comparable. Given the current state of industry practice, this has led banks and supervisors to move towards the distinction between operational risk causes, actual measurable events (which may be due to a number of causes, many of which may not be fully understood), and the P&L effects (costs) of those events. Operational risk can be analysed at each of these levels. Data collectionA key issue in the area of operational risk management - as well as in the development of regulatory capital requirements - is the collection and analysis of loss data. Whilst a growing number of institutions are collecting and analysing operational loss data, with some operating internal capital assessment and allocation mechanisms on this basis, it is clear that there has been no industry standard for such data exercises. Such data collection is important for the assessment of operational risk at individual institutions. There also is increasing recognition amongst banks and supervisors that the sharing of loss data, based on consistent definitions and metrics, is necessary to arrive at a comprehensive assessment of operational risk. The Committee has been keen to incentivise banks to develop further data collection and analysis. The proposal for a Pillar 1 capital charge has been an important stimulant in this regard, but, more directly, the RMG, via the QIS project, has set in train a data collection exercise that will help calibrate and test the proposed framework for operational risk. This framework, which was established in close collaboration with the banking industry and others, breaks operational risk exposures and losses into a series of standardised business lines and "event types". The business lines are intended to be generally applicable across a wide range of institutions. The event types are intended to group operational risk losses into distinct components according to the nature of the underlying operational risk event. Annex 2 contains the full framework of business lines and event types2. The definitions of event types are intended to encompass certain operational risk losses that currently may be embedded in credit or market risk related exposures. Going forward, the RMG wants to encourage banks to track explicitly these types of operational risk losses to arrive at a comprehensive assessment of the true operational risk profile within and across institutions. The Committee expects banks to include all operational risks in the loss event database and have clear policies implemented for the management of these risks. Nevertheless, for regulatory capital purposes the Committee expects banks to attribute operational risk related credit and market loss events to those risk areas for the calculation of regulatory capital requirements. The Committee will calibrate the overall capital charge for operational risk to prevent double counting with the credit capital charge. Banks should not retroactively seek to strip out operational losses from their existing credit loss databases and calculations in determining their regulatory capital requirements for credit risk. There were two strands to the work in the QIS: the first strand provided information on exposure indicators and the economic capital allocation to operational risk by business line. These data were instrumental in allowing the provisional estimate of the relative risk of the business lines and hence a preliminary reporting of the survey results as they relate to the Basic Indicator and Standardised Approaches, using a `top down' methodology (i.e. a technique where a predetermined amount of capital is allocated across business lines). The results of this analysis are set out below. The second strand of the QIS aimed to collect loss data from individual banks on a consistent and coherent basis and so allow a `bottom-up' assessment of all three approaches to operational risk capital. This tranche of the survey will also allow exploration of the issue of 'double counting' operational risk, as discussed above. Additional analysis of this tranche of QIS will continue over the autumn and will be reflected in further output from the Committee.Click the link on the right to read the full Working Paper.

Only users who have a paid subscription or are part of a corporate subscription are able to print or copy content.

To access these options, along with all other subscription benefits, please contact info@centralbanking.com or view our subscription options here: http://subscriptions.centralbanking.com/subscribe

You are currently unable to copy this content. Please contact info@centralbanking.com to find out more.

Copyright Infopro Digital Limited. All rights reserved.

As outlined in our terms and conditions, https://www.infopro-digital.com/terms-and-conditions/subscriptions/ (point 2.4), printing is limited to a single copy.

If you would like to purchase additional rights please email info@centralbanking.com

Copyright Infopro Digital Limited. All rights reserved.

You may share this content using our article tools. As outlined in our terms and conditions, https://www.infopro-digital.com/terms-and-conditions/subscriptions/ (clause 2.4), an Authorised User may only make one copy of the materials for their own personal use. You must also comply with the restrictions in clause 2.5.

If you would like to purchase additional rights please email info@centralbanking.com

More on Regulation

Most read articles loading...

You need to sign in to use this feature. If you don’t have a Central Banking account, please register for a trial.

Sign in
You are currently on corporate access.

To use this feature you will need an individual account. If you have one already please sign in.

Sign in.

Alternatively you can request an individual account

.